Re: [PATCH 1/4] module: add syscall to load module from fd

public inbox for linux-man@vger.kernel.org
 help / color / mirror / Atom feed

From: Rusty Russell <rusty@rustcorp.com.au>
Cc: "H. Peter Anvin" <hpa@zytor.com>,
	Kees Cook <keescook@chromium.org>,
	linux-kernel@vger.kernel.org,
	Lucas De Marchi <lucas.demarchi@profusion.mobi>,
	jonathon@jonmasters.org, Michael Kerrisk <mtk.manpages@gmail.com>,
	linux-man@vger.kernel.org
Subject: Re: [PATCH 1/4] module: add syscall to load module from fd
Date: Thu, 03 Jan 2013 10:42:24 +1030	[thread overview]
Message-ID: <87fw2j5dlj.fsf@rustcorp.com.au> (raw)
In-Reply-To: <CAHO5Pa29_=3HNLG-qtULZ2fmkgPJ6JCZ0LTv9m=UowfvFufhMw@mail.gmail.com>

Michael Kerrisk <mtk.manpages@gmail.com> writes:
> Hi Rusty,

Hi Michael,

> The description here is rather thin. Could you supply a sentence or
> two for each of MODULE_INIT_IGNORE_MODVERSIONS and
> MODULE_INIT_IGNORE_VERMAGIC that would be suitable for the manual
> page?
>
> Thanks,

There are one or two safety checks built into a module, which are
checked to match the kernel on module load.  The first is a "vermagic"
string containing the kernel version number and prominent features (such
as CPU type).  If the module was built with CONFIG_MODVERSIONS set, a
version hash is recorded for each symbol the module uses based on the
types it refers to: in this case, the kernel version number within the
"vermagic" string is ignored, as the symbol version hashes are assumed
to be sufficiently reliable.

Using the MODULE_INIT_IGNORE_VERMAGIC flag indicates that the vermagic
is to be ignored, and the MODULE_INIT_IGNORE_MODVERSIONS flag indicates
that the version hashes are to be ignored.  If the kernel is built to
permit such forced loading (ie. CONFIG_MODULE_FORCE_LOAD is set) then
loading will continue, otherwise it will fail with ENOEXEC as expected
for malformed modules.

Hope that is more usable?

Thanks,
Rusty,

next prev parent reply	other threads:[~2013-01-03  0:12 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <1348179300-11653-1-git-send-email-keescook@chromium.org>
     [not found] ` <CAHO5Pa2fysDRS3sFSy785XBKApxydN0ONW5kAfVJNkrB+wOaBw@mail.gmail.com>
     [not found]   ` <50749DE8.7010703@zytor.com>
     [not found]     ` <CAKgNAkgLW+0aHwzoY6vxmeeK_K5w2RyhxW+jOaJDn274NVbajw@mail.gmail.com>
     [not found]       ` <5074A0AB.8040207@zytor.com>
     [not found]         ` <87d30o7iy6.fsf@rustcorp.com.au>
     [not found]           ` <CAKgNAkh=99=x1=8Y=3odem-fXc9zEEbLvCc0WQku5Kyso4qHuQ@mail.gmail.com>
     [not found]             ` <87ipa8o4mn.fsf@rustcorp.com.au>
     [not found]               ` <CAKgNAkiVxUiqJ1pYNq3wW_yQxcyhqntUzcEWscFOhJ3GaVn1aQ@mail.gmail.com>
     [not found]                 ` <87sj97hs5e.fsf@rustcorp.com.au>
     [not found]                   ` <87sj97hs5e.fsf-8n+1lVoiYb80n/F98K4Iww@public.gmane.org>
2012-12-21  0:01                     ` [PATCH 1/4] module: add syscall to load module from fd Michael Kerrisk
2013-01-03  0:12                       ` Rusty Russell [this message]
     [not found]                         ` <87fw2j5dlj.fsf-8n+1lVoiYb80n/F98K4Iww@public.gmane.org>
2013-01-06 18:59                           ` Michael Kerrisk (man-pages)
     [not found]                             ` <CAKgNAkggu9+AuMRqTFeNy9sJVCMcZVRZx43t=svF=gm+P4DnuQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2013-01-06 20:24                               ` Kees Cook
     [not found]                                 ` <CAGXu5jJXoYO3CzpENAZYANLzySPPjzDVO_qLonqwxUUu1Ux=sg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2013-01-07  1:41                                   ` Michael Kerrisk (man-pages)
2013-01-09 17:29                               ` Lucas De Marchi
     [not found]                                 ` <CAMOw1v6Jk7adSeppunBe0GaW3w3MREU0_hW68_Fbh2599jctkg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2013-01-10  0:55                                   ` Michael Kerrisk (man-pages)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87fw2j5dlj.fsf@rustcorp.com.au \
    --to=rusty@rustcorp.com.au \
    --cc=hpa@zytor.com \
    --cc=jonathon@jonmasters.org \
    --cc=keescook@chromium.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-man@vger.kernel.org \
    --cc=lucas.demarchi@profusion.mobi \
    --cc=mtk.manpages@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox